[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#496851: yelp: does not correctly handle format strings for certain error messages

notfound 496851 2.22-1-6
thank you

what about a getting a fix for this issue into stable?

> yelp (2.22.1-4) unstable; urgency=high
>  * SECURITY: New patch, 60_format-string, fixes format string vulnerability;
>    bump urgency to high; CVE-2008-3533; GNOME #546364; from SVN r3173;
>    LP: #254860.
>> Package: yelp
>> Version: 2.22.1-6
>> Severity: grave
>> Tags: security
>> Justification: user security hole
>> yelp is vulnerable to attacks via badly formatted strings for certain error
>> messages.  ubuntu recently released a fix for this problem [1].  the issue
>> is described as:
>>   Aaron Grattafiori discovered that the Gnome Help Viewer did not handle
>>   format strings correctly when displaying certain error messages.  If a
>>   user were tricked into opening a specially crafted URI, a remote attacker
>>   could execute arbitrary code with user privileges.
>> this may or may not be related to CVE-2008-3533 [2].  this should be
>> considered a high-urgency vulnerability since it allows remote attackers
>> to exectute arbitrary code.
>> thank you for the hard work.
>> [1] http://www.ubuntu.com/usn/usn-638-1
>> [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3533

Reply to: